// parses the configuration and returns a backing store for the TUF files func getStore(configuration *viper.Viper, hRegister healthRegister) ( storage.MetaStore, error) { var store storage.MetaStore backend := configuration.GetString("storage.backend") logrus.Infof("Using %s backend", backend) switch backend { case notary.MemoryBackend: return storage.NewMemStorage(), nil case notary.MySQLBackend, notary.SQLiteBackend: storeConfig, err := utils.ParseSQLStorage(configuration) if err != nil { return nil, err } s, err := storage.NewSQLStorage(storeConfig.Backend, storeConfig.Source) if err != nil { return nil, fmt.Errorf("Error starting %s driver: %s", backend, err.Error()) } store = *storage.NewTUFMetaStorage(s) hRegister("DB operational", time.Minute, s.CheckHealth) case notary.RethinkDBBackend: var sess *gorethink.Session storeConfig, err := utils.ParseRethinkDBStorage(configuration) if err != nil { return nil, err } tlsOpts := tlsconfig.Options{ CAFile: storeConfig.CA, CertFile: storeConfig.Cert, KeyFile: storeConfig.Key, } if doBootstrap { sess, err = rethinkdb.AdminConnection(tlsOpts, storeConfig.Source) } else { sess, err = rethinkdb.UserConnection(tlsOpts, storeConfig.Source, storeConfig.Username, storeConfig.Password) } if err != nil { return nil, fmt.Errorf("Error starting %s driver: %s", backend, err.Error()) } s := storage.NewRethinkDBStorage(storeConfig.DBName, storeConfig.Username, storeConfig.Password, sess) store = *storage.NewTUFMetaStorage(s) hRegister("DB operational", time.Minute, s.CheckHealth) default: return nil, fmt.Errorf("%s is not a supported storage backend", backend) } return store, nil }
// parses the configuration and returns a backing store for the TUF files func getStore(configuration *viper.Viper, allowedBackends []string) ( storage.MetaStore, error) { storeConfig, err := utils.ParseStorage(configuration, allowedBackends) if err != nil { return nil, err } logrus.Infof("Using %s backend", storeConfig.Backend) if storeConfig.Backend == utils.MemoryBackend { return storage.NewMemStorage(), nil } store, err := storage.NewSQLStorage(storeConfig.Backend, storeConfig.Source) if err != nil { return nil, fmt.Errorf("Error starting DB driver: %s", err.Error()) } health.RegisterPeriodicFunc( "DB operational", store.CheckHealth, time.Second*60) return store, nil }
func main() { flag.Usage = usage flag.Parse() if debug { go debugServer(DebugAddress) } // when the server starts print the version for debugging and issue logs later logrus.Infof("Version: %s, Git commit: %s", version.NotaryVersion, version.GitCommit) ctx := context.Background() filename := filepath.Base(configFile) ext := filepath.Ext(configFile) configPath := filepath.Dir(configFile) mainViper.SetConfigType(strings.TrimPrefix(ext, ".")) mainViper.SetConfigName(strings.TrimSuffix(filename, ext)) mainViper.AddConfigPath(configPath) // Automatically accept configuration options from the environment mainViper.SetEnvPrefix("NOTARY_SERVER") mainViper.SetEnvKeyReplacer(strings.NewReplacer(".", "_")) mainViper.AutomaticEnv() err := mainViper.ReadInConfig() if err != nil { logrus.Error("Viper Error: ", err.Error()) logrus.Error("Could not read config at ", configFile) os.Exit(1) } lvl, err := logrus.ParseLevel(mainViper.GetString("logging.level")) if err != nil { lvl = logrus.ErrorLevel logrus.Error("Could not parse log level from config. Defaulting to ErrorLevel") } logrus.SetLevel(lvl) // set up bugsnag and attach to logrus bugs := mainViper.GetString("reporting.bugsnag") if bugs != "" { apiKey := mainViper.GetString("reporting.bugsnag_api_key") releaseStage := mainViper.GetString("reporting.bugsnag_release_stage") bugsnag.Configure(bugsnag.Configuration{ APIKey: apiKey, ReleaseStage: releaseStage, }) hook, err := bugsnag_hook.NewBugsnagHook() if err != nil { logrus.Error("Could not attach bugsnag to logrus: ", err.Error()) } else { logrus.AddHook(hook) } } keyAlgo := mainViper.GetString("trust_service.key_algorithm") if keyAlgo == "" { logrus.Fatal("no key algorithm configured.") os.Exit(1) } ctx = context.WithValue(ctx, "keyAlgorithm", keyAlgo) var trust signed.CryptoService if mainViper.GetString("trust_service.type") == "remote" { logrus.Info("Using remote signing service") clientTLS, err := grpcTLS(mainViper) if err != nil { logrus.Fatal(err.Error()) } notarySigner := client.NewNotarySigner( mainViper.GetString("trust_service.hostname"), mainViper.GetString("trust_service.port"), clientTLS, ) trust = notarySigner minute := 1 * time.Minute health.RegisterPeriodicFunc( "Trust operational", // If the trust service fails, the server is degraded but not // exactly unheatlthy, so always return healthy and just log an // error. func() error { err := notarySigner.CheckHealth(minute) if err != nil { logrus.Error("Trust not fully operational: ", err.Error()) } return nil }, minute) } else { logrus.Info("Using local signing service") trust = signed.NewEd25519() } if mainViper.GetString("storage.backend") == "mysql" { logrus.Info("Using mysql backend") dbURL := mainViper.GetString("storage.db_url") store, err := storage.NewSQLStorage("mysql", dbURL) if err != nil { logrus.Fatal("Error starting DB driver: ", err.Error()) return // not strictly needed but let's be explicit } health.RegisterPeriodicFunc( "DB operational", store.CheckHealth, time.Second*60) ctx = context.WithValue(ctx, "metaStore", store) } else { logrus.Debug("Using memory backend") ctx = context.WithValue(ctx, "metaStore", storage.NewMemStorage()) } tlsConfig, err := serverTLS(mainViper) if err != nil { logrus.Fatal(err.Error()) } logrus.Info("Starting Server") err = server.Run( ctx, mainViper.GetString("server.addr"), tlsConfig, trust, mainViper.GetString("auth.type"), mainViper.Get("auth.options"), ) logrus.Error(err.Error()) return }
func main() { flag.Usage = usage flag.Parse() if debug { go debugServer(DebugAddress) } // when the server starts print the version for debugging and issue logs later logrus.Infof("Version: %s, Git commit: %s", version.NotaryVersion, version.GitCommit) ctx := context.Background() filename := filepath.Base(configFile) ext := filepath.Ext(configFile) configPath := filepath.Dir(configFile) viper.SetConfigType(strings.TrimPrefix(ext, ".")) viper.SetConfigName(strings.TrimSuffix(filename, ext)) viper.AddConfigPath(configPath) // Automatically accept configuration options from the environment viper.SetEnvPrefix("NOTARY_SERVER") viper.SetEnvKeyReplacer(strings.NewReplacer(".", "_")) viper.AutomaticEnv() err := viper.ReadInConfig() if err != nil { logrus.Error("Viper Error: ", err.Error()) logrus.Error("Could not read config at ", configFile) os.Exit(1) } lvl, err := logrus.ParseLevel(viper.GetString("logging.level")) if err != nil { lvl = logrus.ErrorLevel logrus.Error("Could not parse log level from config. Defaulting to ErrorLevel") } logrus.SetLevel(lvl) // set up bugsnag and attach to logrus bugs := viper.GetString("reporting.bugsnag") if bugs != "" { apiKey := viper.GetString("reporting.bugsnag_api_key") releaseStage := viper.GetString("reporting.bugsnag_release_stage") bugsnag.Configure(bugsnag.Configuration{ APIKey: apiKey, ReleaseStage: releaseStage, }) hook, err := bugsnag_hook.NewBugsnagHook() if err != nil { logrus.Error("Could not attach bugsnag to logrus: ", err.Error()) } else { logrus.AddHook(hook) } } keyAlgo := viper.GetString("trust_service.key_algorithm") if keyAlgo == "" { logrus.Fatal("no key algorithm configured.") os.Exit(1) } ctx = context.WithValue(ctx, "keyAlgorithm", keyAlgo) var trust signed.CryptoService if viper.GetString("trust_service.type") == "remote" { logrus.Info("Using remote signing service") trust = signer.NewNotarySigner( viper.GetString("trust_service.hostname"), viper.GetString("trust_service.port"), viper.GetString("trust_service.tls_ca_file"), ) } else { logrus.Info("Using local signing service") trust = signed.NewEd25519() } if viper.GetString("storage.backend") == "mysql" { logrus.Info("Using mysql backend") dbURL := viper.GetString("storage.db_url") store, err := storage.NewSQLStorage("mysql", dbURL) if err != nil { logrus.Fatal("Error starting DB driver: ", err.Error()) return // not strictly needed but let's be explicit } ctx = context.WithValue(ctx, "metaStore", store) } else { logrus.Debug("Using memory backend") ctx = context.WithValue(ctx, "metaStore", storage.NewMemStorage()) } logrus.Info("Starting Server") err = server.Run( ctx, viper.GetString("server.addr"), viper.GetString("server.tls_cert_file"), viper.GetString("server.tls_key_file"), trust, viper.GetString("auth.type"), viper.Get("auth.options"), ) logrus.Error(err.Error()) return }